Discussion in 'privacy problems' started by RCGuy, Apr 11, 2015.
This is such a cool thread.
Yep ditto, unique. It always has been whenever I've tried that test.
Part of that will stem from using Pale Moon.
So the risk of using a less common browser with a security focus, is that my information security is very poor and it's pretty easy for the big companies to track me.
I've never heard of that. Maybe somewhere? But you can buy gift cards and various sorts of online money in stores, more or less anonymously, depending on where you live. And buy VPNs with that. Also Bitcoins.
If you'll be using just one VPN, and connecting to it directly, it will know your IP address. And so, if anything important goes down, "they" will know who you are. But still, using a semi-anonymous payment method does hide you a little better.
VPNs are faster, but Tor provides far stronger anonymity. Using multiple VPNs in a nested chain is slower than a single VPN, but still faster than Tor. But it's still less anonymous. See my guides on iVPN:
Yes, virtual machines. In my case, using VirtualBox. I'm not vary familiar with Sandboxie. Some here swear by it
That depends on your threat model. The guides that I linked to get into that.
Yes, that's basically it. Look like several independent people. That makes you less identifiable.
I don't completely agree. If for example each time you connect you have different user agent, your browser accepts different languages, uses different plugins, and connects to the web with different IP, etc etc it is possible that for each connections you will have a big fingerprint ("unique amongst 5 billions users") and at the same table not being traceable because each of your "incarnation" is completely different from the others, so that your presence at time t on a site can not be linked to your presence on this site a time t+1.
On the other and, in using and full activating noscript (an addon which dramatically reduces your fingerprint), your presence on a site a time t can be linked to your presence on this site a time t+1: It suffices that you will be the sole visitor of this site between t and t+1, with a such low fingerprint. You will then be recognized as "the guy with a very low fingerprint", or even "the guy with *the* very low fingerprint". Not having a fingerprint is having a very special fingerprint! (until most Internet users will choose to have the same low fingerprint).
There are plenty of TOR users so that being a generic TOR user (no special fingerprint, just a vanilla TOR user) leaves you as one among thousands of others. Use of the TBB will absolutely identify you as a TOR user, but nothing about it separates you from all the others of us. Just use it intelligently and you should be good to go. I am a security freak and being generic is a good thing. My .02
Yeah, I was talking about like one's local Micro Center or Best Buy. But I did look at their websites and it didn't seem as if they had any.
Good idea about the gift cards, but I still have to look up what Bitcoins are all about, even though, I've heard of them.
Yeah, several years ago I started a thread at a popular forum(and without a VPN) where I mentioned the name of a local movie theater because of some issues that they had(which I'm not going to mention), and the next time that I went to that theater, I could tell by a few things that some of the employees inadvertently said to me that the movie theater had found out that I was the person who had mentioned them on the internet forum. I mean for real-for real.
Okay, I'll have to catchup on my virtual machines and VirtualBoxes, etc.
Yeh! Looks like I'm doing something right.
While we're on the subject of Tor, does anyone know if the Tor browser is subject to malware, and if you can use the Tor browser with Sandboxie?
All browsers are subject to malware. What I believe is that the TOR team has done a pretty decent job at "hardening" the TBB against malware exploits. Of course nothing is perfect. I live in linux world, but I am familiar with Sandoxie and have a lifetime contract for some family windows machines.
I would advise and offer that a better alternative for what you might want is the use of virtual machines within which you would run the TBB. The VM's can be snapshot protected so that a perfectly clean version is brought up every time you mount the machine. Sort of like a super-sandbox if done correctly, and if the VM is linux even better!!
The above said; I do use Sandboxie on my family computer but I only protect against malware not privacy, anonymity, "five eyes", etc.... I don't know what you are protecting against here. Just offering .02 and not claiming to be anyone "smart"!!
You can also run VMs from CDs on machines with no HDD or SSD. Everything runs in RAM. I've created boot CDs with Debian server host OS running a VPN client, VirtualBox, a pfSense VPN gateway VM, a pfSense Tor gateway VM, and a Debian workspace VM with LXDE.
I took that browser fingerprinting test recently also.
The main parameters that make my browser stand out are plugins and fonts.
Im not even sure how come websites can *know* what fonts I use. Why is it a shareable information?
I am using umatrix that spoofs referer, but that doesn do anything if my browser broadcasts plugins and fonts installed.
I wish there was an app for that since using tor or a virtualboxed windows is a pain
Separate names with a comma.